ATG Programming Guide

Security Policy Object

A security policy determines whether a user has access to a particular object. In Dynamo, the standard security policy is in Nucleus at /atg/dynamo/security/SecurityPolicy. This instance of the atg.security.StandardSecurityPolicy object provides the following policy:

If no ACL is defined for an object, access is allowed.

If the accessor is the owner of an object, access is allowed if the desired access privilege is LIST, READ_ACL, or WRITE_ACL. This approach makes the object’s security information modifiable if the ACL become corrupted.

If the ACL for the object has a deny (or negative) access privilege that applies to the user, access is denied even if other permissions are positive.

If the ACL for the object has an allow (or positive) access privilege that applies to the user, access is allowed as long as there is not a corresponding deny.

If no ACL entries apply to the user, access is denied.

Note: This policy differs slightly from the java.security.acl policy, where a combination of positive and negative ACL entries with the same Principal negate each other, providing no change to the access control for that Principal. This differentiation is deliberate; ATG believes that in no case should an explicit deny access control entry be ignored.